In the existing communication system, the service server may need to obtain user information of a user when providing services to the user. In this case, the service server may acquire a token for accessing the user information through intermediate equipment (e.g., the Live ID server in the Microsoft windows live technique), and then obtain the user information of the user from an interactive server by using the token. During the implementation of the present invention, the inventor finds that the prior art has the following problem: by using the token, the service server can access the interactive server to obtain the user information of the user at any time, which is adverse to the security protection of the user information, and there is a risk that the user information may be abused.